General
-
Target
0b3f621bc4bc07aa0150923f312bf79f_JaffaCakes118
-
Size
278KB
-
Sample
240501-g3br5shh4s
-
MD5
0b3f621bc4bc07aa0150923f312bf79f
-
SHA1
3373b5f9ad4b5d6745e72ee5dc79fe93432ca845
-
SHA256
112105618068196351bc60363d2ced66e0c33e48623b8075ca7acb4b6e4943ee
-
SHA512
6ef0668680db8fcfba53d403a9670adf763cc0a816fa644b75c62992a1f137f6b9aa3ed4115791055fa6c43f0dd3441d35fd6edf342781f1ccc77c4a7d4903a4
-
SSDEEP
3072:iOsZRgkGcTcdE2AtHVpA3YRZY9PW/jnGwMkvBvQ0v8xhZC68sJRm7mmeCcUNxBBb:CJWdpAZsyY9UjG+pvQm8xRnJEDeC
Static task
static1
Behavioral task
behavioral1
Sample
0b3f621bc4bc07aa0150923f312bf79f_JaffaCakes118.exe
Resource
win7-20240220-en
Malware Config
Targets
-
-
Target
0b3f621bc4bc07aa0150923f312bf79f_JaffaCakes118
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-